what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 59 RSS Feed

Files

linksys-WET11_pass-reset.txt
Posted Apr 17, 2005
Authored by Kristian Hermansen | Site ht-technology.com

The Cisco Linksys WET11 is vulnerable to having the password reset simply by going to a known URL on the administrative interface recently after the systems administrator has logged in. It is not necessary to know the current password.

tags | exploit
systems | cisco
SHA-256 | 41a5685548d9372b766fdd212e2e121b1473c1fcba0c32e03733c9355f3cea6d

Related Files

Linksys E1500 Directory Traversal
Posted Sep 1, 2024
Authored by Jay Turla | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability which is present in different Linksys home routers, like the E1500.

tags | exploit
SHA-256 | 1b266011b49f772cc08ef8b3e5dea3809e10c85a4414090de77d328704d8e8ad
Linksys WRT54GL Remote Command Execution
Posted Aug 31, 2024
Authored by Jay Turla | Site metasploit.com

Some Linksys Routers are vulnerable to OS Command injection. You will need credentials to the web interface to access the vulnerable part of the application. Default credentials are always a good starting point. admin/admin or admin and blank password could be a first try. Note: This is a blind OS command injection vulnerability. This means that you will not see any output of your command. Try a ping command to your local system and observe the packets with tcpdump (or equivalent) for a first test. Hint: To get a remote shell you could upload a netcat binary and exec it. WARNING: this module will overwrite network and DHCP configuration.

tags | exploit, remote, web, shell, local
SHA-256 | c0a0294f6b84501bb7ca89228ea567596e04b04818d4997fb6266f71b440692b
Linksys E1500/E2500 Remote Command Execution
Posted Aug 31, 2024
Authored by Jay Turla | Site metasploit.com

Some Linksys Routers are vulnerable to an authenticated OS command injection. Default credentials for the web interface are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command. A ping command against a controlled system for can be used for testing purposes.

tags | exploit, web
SHA-256 | 7f7d1bbbfb525f37582b2bf919f733423d2bcd0aca7120a2b10a56d88e9c9eb0
Linksys WRT120N TmUnblock Stack Buffer Overflow
Posted Aug 31, 2024
Authored by Craig Heffner, Michael Messner | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in the WRT120N Linksys router to reset the password of the management interface temporarily to an empty value. This Metasploit module has been tested successfully on a WRT120N device with firmware version 1.0.07.

tags | exploit, overflow
SHA-256 | 8c48cc9aba6358bbaaaa868166dc5b29ae82fbde8cfb579604b70ce724082f81
Linksys AX3200 1.1.00 Command Injection
Posted Mar 24, 2023
Authored by Ahmed Alroky

Linksys AX3200 version 1.1.00 suffers from a remote command injection vulnerability.

tags | exploit, remote
advisories | CVE-2022-38841
SHA-256 | 70551db6a71971ee82e0b02a5060b2c4eb6554d8452a0b3e5bf15708b8f17148
Linksys EA7500 2.0.8.194281 Cross Site Scripting
Posted Mar 25, 2021
Authored by MiningOmerta

Linksys EA7500 version 2.0.8.194281 suffers from a cross site scripting vulnerability due to an old jQuery version.

tags | exploit, xss
advisories | CVE-2012-6708
SHA-256 | ed64587e6af38672498f31d0fd4d09d6a672715c905304f9cc64acecea858861
Linksys RE6500 1.0.11.001 Remote Code Execution
Posted Dec 17, 2020
Authored by RE-Solver

Linksys RE6500 version 1.0.11.001 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 9efc9ac468518ee2905498668bcc7c0449034c86f3cda495c0476099603232f6
Linksys.com Cross Site Scripting
Posted Jul 23, 2018
Authored by Ismail Tasdelen

Linksys.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 277fce00d69a11ebe93c5dbe29b716a34e3d3c0b6bc82d5e1e02f2178b4090cb
Linksys WVBR0-25 User-Agent Command Execution
Posted Jan 4, 2018
Authored by HeadlessZeke | Site metasploit.com

The Linksys WVBR0-25 Wireless Video Bridge, used by DirecTV to connect wireless Genie cable boxes to the Genie DVR, is vulnerable to OS command injection in versions prior to 1.0.41 of the web management portal via the User-Agent header. Authentication is not required to exploit this vulnerability.

tags | exploit, web
advisories | CVE-2017-17411
SHA-256 | 60407736f7e1de1519b05fc55add0932a67fcd3d6570595d9a8476a3162c5651
Linksys E2500 / E1200 Command Injection
Posted Aug 15, 2016
Authored by Samuel Huntley

Linksys E2500 and E1200 devices suffered from a command injection vulnerability.

tags | advisory
SHA-256 | 4809215ff6bf7ac34139ad0ed64e0c279221a469257b12c842d63878327b9050
Linksys E1200 Authorization Bypass
Posted Aug 15, 2016
Authored by Samuel Huntley

Parent controls on the Linksys E1200 suffered from having missing authorization controls.

tags | advisory, bypass
SHA-256 | d69510cd73278b8deb8109b50b2d422b2b1d8c1673b2ab98fec4e63eead695a9
Linksys X2000 Command Execution
Posted Nov 3, 2015
Authored by Lorenzo Pistone

The Linksys X2000 suffers from a remote, unauthenticated command execution vulnerability that scores root privileges.

tags | exploit, remote, root
SHA-256 | 780ce5cf269501946fe350376b8f4c285c696d279123637112d467d5e14f3e90
Linksys E-Series TheMoon Remote Command Injection
Posted Apr 5, 2014
Authored by Michael Messner, Rew, juan vazquez, infodox, Johannes Ullrich | Site metasploit.com

Some Linksys E-Series Routers are vulnerable to an unauthenticated OS command injection. This vulnerability was used from the so called "TheMoon" worm. There are many Linksys systems that might be vulnerable including E4200, E3200, E3000, E2500, E2100L, E2000, E1550, E1500, E1200, E1000, E900. This Metasploit module was tested successfully against an E1500 v1.0.5.

tags | exploit, worm
SHA-256 | 8562df406cf3a664284fb32daf860dcc7c4a95b65db2f358b2abed16cc85d646
Linksys Worm Remote Root
Posted Feb 17, 2014
Authored by infodox

Proof of concept exploit used by the recent Linksys worm (known as "Moon"). Exploits blind command injection in tmUnblock.cgi.

tags | exploit, worm, cgi, proof of concept
SHA-256 | ae7d5127e7b3b8fa46d888c48b1a569122f9a4eb074e9be265ffb8853f9989d3
Linksys EA2700, EA3500, E4200, EA4500 Authentication Bypass
Posted Feb 17, 2014
Authored by Kyle Lovett, Matt Claunch

Linksys products EA2700, EA3500, E4200, and EA4500 suffer from having an unauthenticated interface on port 8083 periodically.

tags | advisory
advisories | CVE-2013-5122
SHA-256 | c93dc6b97572e7b9d7273d159d461be3bb7465f6b1ea286140fabecda91500c0
Linksys E-Series Remote Code Execution
Posted Feb 17, 2014
Authored by Rew

Linksys E-Series unauthenticated remote command execution exploit that leverages the same vulnerability as used in the "Moon" worm.

tags | exploit, worm, remote
SHA-256 | 78e82ca781d0bf202c1592072afde4056c2f49e9ef54f2deb4e6b7ae0a5203ab
Linksys WRT110 Remote Command Execution
Posted Oct 8, 2013
Authored by juan vazquez, Craig Young, joev | Site metasploit.com

The Linksys WRT110 consumer router is vulnerable to a command injection exploit in the ping field of the web interface.

tags | exploit, web
advisories | CVE-2013-3568
SHA-256 | 44b428488518ed2abeee03160462e56c8203577c382cafa8ace86476e15928be
Linksys WRT110 Remote Command Execution
Posted Sep 20, 2013
Authored by Craig Young | Site metasploit.com

The Linksys WRT110 consumer router is vulnerable to a command injection exploit in the ping field of the web interface.

tags | exploit, web
advisories | CVE-2013-3568
SHA-256 | 5fdabb65539c0e2248afcba9871e415908777fb0b2f288107530f6a551406d99
Linksys Access Bypass
Posted Aug 15, 2013
Authored by Kyle Lovett

On various Linksys devices, an unspecified bug can cause an unsafe/undocumented TCP port to open allowing for unauthenticated remote access to the device.

tags | advisory, remote, tcp, bypass
advisories | CVE-2013-5122
SHA-256 | 498c65c860fe5d919123b02b7dda83e1dd02868d0b1adb1db402354c60007bd1
Linksys WRT110 Command Injection / CSRF
Posted Jul 12, 2013
Authored by Craig Young

Linksys WRT110 suffers from root shell command injection and cross site request forgery vulnerabilities.

tags | advisory, shell, root, vulnerability, csrf
advisories | CVE-2013-3568
SHA-256 | 850308c35db1a6b6413065eb09749bb1a66bb16d4e5f80c535788b446adada12
Linksys EA2700 / EA3500 / E4200 / EA4500 Unauthenticated Access
Posted Jul 3, 2013
Authored by Kyle Lovett

Linksys versions EA2700, EA3500, E4200, EA4500 using lighttpd 1.4.28 and Utopia on Linux 2.6.22 suffer from an unauthenticated access vulnerability.

tags | advisory, bypass
systems | linux
SHA-256 | 266da9dd8a7b398661ea49b23a60a0543c4ac5cb9c8e7faecc5ce203cbee23b6
Linksys X3000 Cross Site Scripting / Command Execution
Posted Jun 24, 2013
Authored by Michael Messner

Linksys X3000 with firmware version 1.0.03 build 001 suffers from cross site scripting and remote command injection vulnerabilities.

tags | exploit, remote, vulnerability, xss
SHA-256 | 9c441bf0e5c4abc193de4dc4b9a32d21f52156309d5de56f97d5e1c801f09e64
Linksys WRT160n apply.cgi Remote Command Injection
Posted May 21, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Some Linksys Routers are vulnerable to an authenticated OS command injection on their web interface where default credentials are admin/admin or admin/password. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic payload. This Metasploit module has been tested on a Linksys WRT160n version 2 - firmware version v2.0.03. A ping command against a controlled system could be used for testing purposes. The exploit uses the tftp client from the device to stage to native payloads from the command injection.

tags | exploit, web
advisories | OSVDB-90093
SHA-256 | f9f09e58e33c3c7939cc2ed16b2c26b3cc52e2b7e29498141ef9d035fec7d9f7
Cisco Linksys E1200 / N300 Cross Site Scripting
Posted Apr 29, 2013
Authored by Carl Benedict

Cisco Linksys E1200 and N300 routers version 2.0.04 suffer from a cross site scripting vulnerability.

tags | exploit, xss
systems | cisco
SHA-256 | c940fba04264c2e267af39f6a7ead1f281c2d9cc0420ff4ca58897013a5ee1c6
Linksys WRT54GL apply.cgi Command Execution
Posted Apr 10, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Some Linksys Routers are vulnerable to an authenticated OS command injection in the Web Interface. Default credentials are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd generic payload. A ping command against a controlled system could be used for testing purposes. The user must be prudent when using this module since it modifies the router configuration while exploitation, even when it tries to restore previous values.

tags | exploit, web
advisories | OSVDB-89912
SHA-256 | 842e633a501f723e29c147350b0f672da78b474050f74be28f55d1501d673b3c
Page 1 of 3
Back123Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close